Hi all,

The domain controller of root domain has been crashed. I do not know how
long it has been down. Finally, I rebooted the server and came online. I
tried to add the second domain controller but can not. then I tried to join
the PC to this domain and can not which no domain controller found. I got
these events in the direcory services: event id 1645 with source NTDS
replication, event id 1126 with source global catalog,....I run dcdiag and
fsmo failed check.

Is there a way I can make this domain controller recognized by this domain
without wiping out everything? (windows 2003 R2 SP2)

Thank you for your help.

I have one forest with one empty root domain (one domain controller) and one
child domain (2 domain controllers) that holds users and servers.

unfortunately, only one domain controller for the root domain and no backup?

"Meinolf Weber" wrote:

Quote:

Hello John, Please describe in detail how many dc's you have and the complete domain setup. Do you have subdomains, because you talk about root domain? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Hello John,

Please describe in detail how many dc's you have and the complete domain
setup. Do you have subdomains, because you talk about root domain?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Hello John,

So the server has no physical crash? Please post the complete error messages
from the event viewer. Also post a complete output from dcdiag /v and netdiag
/v

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

Thank you for your help. I have one forest with one empty root domain (one domain controller) and one child domain (2 domain controllers) that holds users and servers. unfortunately, only one domain controller for the root domain and no backup? "Meinolf Weber" wrote: Hello John, Please describe in detail how many dc's you have and the complete domain setup. Do you have subdomains, because you talk about root domain? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Hello

Which operating system are you using in the parent domain and child domains
?
Dont think about wiping out the parent DC you will also lose your child
domains.

Validate the trust between the domains
Check the UAC value of the domain controller

Thanks
Deep

"Meinolf Weber" <meiweb(nospam)@gmx.de> wrote in message
news:ff16fb66a11188ca9bc943ff69c0@msnews.microsoft.com...

Quote:

Hello John, So the server has no physical crash? Please post the complete error messages from the event viewer. Also post a complete output from dcdiag /v and netdiag /v Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Thank you for your help. I have one forest with one empty root domain (one domain controller) and one child domain (2 domain controllers) that holds users and servers. unfortunately, only one domain controller for the root domain and no backup? "Meinolf Weber" wrote: Hello John, Please describe in detail how many dc's you have and the complete domain setup. Do you have subdomains, because you talk about root domain? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Thank you for your great help. I collected the logs as you requested. I do
not know how to attach the files and I seperatethem into two post:
PartI_DCDIAG LOG AND ERROR LOG IN THIS POST Sorry that it is too long...

Thanks for your generous time and help.

Part I: The DCdiag AND ERROR log on this rootdomaincontroller1:

**Part II: The Dcdiag log on this rootdomaincontrollername1

Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine rootdomaincontrollerName, is a DC.
* Connecting to directory service on server rootdomaincontrollerName.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 4 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Site1\rootdomaincontrollerName
Starting test: Connectivity
* Active Directory LDAP Services Check
* Active Directory RPC Services Check
......................... rootdomaincontrollerName passed test
Connectivity

Doing primary tests

Testing server: Site1\rootdomaincontrollerName
Starting test: Replications
* Replications Check
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName1 to rootdomaincontrollerName
Naming Context: CN=Schema,CN=Configuration,DC=Internal,DC=Local
The replication generated an error (5):
Access is denied.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 11:46:34.
6024 failures have occurred since the last success.
[childdomaincontrollerName1] DsBindWithSpnEx() failed with error 5,
Access is denied..
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName2 to rootdomaincontrollerName
Naming Context: CN=Schema,CN=Configuration,DC=Internal,DC=Local
The replication generated an error (5):
Access is denied.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 09:46:13.
6026 failures have occurred since the last success.
[childdomaincontrollerName2] DsBindWithSpnEx() failed with error 5,
Access is denied..
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName3 to rootdomaincontrollerName
Naming Context: CN=Schema,CN=Configuration,DC=Internal,DC=Local
The replication generated an error (5):
Access is denied.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 11:46:55.
6024 failures have occurred since the last success.
[childdomaincontrollerName3] DsBindWithSpnEx() failed with error 5,
Access is denied..
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName2 to rootdomaincontrollerName
Naming Context: CN=Configuration,DC=Internal,DC=Local
The replication generated an error (5):
Access is denied.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 11:58:34.
6024 failures have occurred since the last success.
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName3 to rootdomaincontrollerName
Naming Context: CN=Configuration,DC=Internal,DC=Local
The replication generated an error (5):
Access is denied.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 12:04:11.
6024 failures have occurred since the last success.
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName1 to rootdomaincontrollerName
Naming Context: CN=Configuration,DC=Internal,DC=Local
The replication generated an error (5):
Access is denied.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 11:58:42.
6623 failures have occurred since the last success.
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName2 to rootdomaincontrollerName
Naming Context: DC=ForestDnsZones,DC=Internal,DC=Local
The replication generated an error (1256):
The remote system is not available. For information about
network troubleshooting, see Windows Help.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 11:55:00.
6024 failures have occurred since the last success.
[Replications Check,rootdomaincontrollerName] A recent replication
attempt failed:
From childdomaincontrollerName1 to rootdomaincontrollerName
Naming Context: DC=ForestDnsZones,DC=Internal,DC=Local
The replication generated an error (1256):
The remote system is not available. For information about
network troubleshooting, see Windows Help.
The failure occurred at 2008-06-16 12:46:29.
The last success occurred at 2007-10-04 11:55:21.
6037 failures have occurred since the last success.
* Replication Latency Check
REPLICATION-RECEIVED LATENCY WARNING
rootdomaincontrollerName: Current time is 2008-06-16 13:02:32.
CN=Schema,CN=Configuration,DC=Internal,DC=Local
Last replication recieved from childdomaincontrollerName1 at
2007-10-04 11:46:34.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from childdomaincontrollerName3 at
2007-10-04 11:46:55.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Latency information for 25 entries in the vector were ignored.
24 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 1 had no latency information (Win2K DC).
CN=Configuration,DC=Internal,DC=Local
Last replication recieved from childdomaincontrollerName2 at
2007-10-04 11:58:39.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from childdomaincontrollerName1 at
2007-10-04 11:58:42.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from childdomaincontrollerName3 at
2007-10-04 12:04:11.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Latency information for 25 entries in the vector were ignored.
25 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=ForestDnsZones,DC=Internal,DC=Local
Last replication recieved from childdomaincontrollerName2 at
2007-10-04 11:53:15.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Last replication recieved from childdomaincontrollerName1 at
2007-10-04 11:55:21.
WARNING: This latency is over the Tombstone Lifetime of 60
days!
Latency information for 6 entries in the vector were ignored.
6 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=DomainDnsZones,DC=Internal,DC=Local
Latency information for 4 entries in the vector were ignored.
4 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
DC=Internal,DC=Local
Latency information for 14 entries in the vector were ignored.
14 were retired Invocations. 0 were either: read-only
replicas and are not verifiably latent, or dc's no longer replicating this
nc. 0 had no latency information (Win2K DC).
* Replication Site Latency Check
......................... rootdomaincontrollerName passed test
Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Starting test: NCSecDesc
* Security Permissions check for all NC's on DC
rootdomaincontrollerName.
* Security Permissions Check for
DC=ForestDnsZones,DC=Internal,DC=Local
(NDNC,Version 2)
* Security Permissions Check for
DC=DomainDnsZones,DC=Internal,DC=Local
(NDNC,Version 2)
* Security Permissions Check for
CN=Schema,CN=Configuration,DC=Internal,DC=Local
(Schema,Version 2)
* Security Permissions Check for
CN=Configuration,DC=Internal,DC=Local
(Configuration,Version 2)
* Security Permissions Check for
DC=Internal,DC=Local
(Domain,Version 2)
......................... rootdomaincontrollerName passed test
NCSecDesc
Starting test: NetLogons
* Network Logons Privileges Check
Verified share \\rootdomaincontrollerName\netlogon
Verified share \\rootdomaincontrollerName\sysvol
......................... rootdomaincontrollerName passed test
NetLogons
Starting test: Advertising
Fatal Error:DsGetDcName (rootdomaincontrollerName) call failed,
error 1355
The Locator could not find the server.
......................... rootdomaincontrollerName failed test
Advertising
Starting test: KnowsOfRoleHolders
Role Schema Owner = CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Role Domain Owner = CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Role PDC Owner = CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Role Rid Owner = CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Role Infrastructure Update Owner = CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
......................... rootdomaincontrollerName passed test
KnowsOfRoleHolders
Starting test: RidManager
* Available RID Pool for the Domain is 10613 to 1073741823
* rootdomaincontrollerName.Internal.Local is the RID Master
* DsBind with RID Master was successful
* rIDAllocationPool is 10113 to 10612
* rIDPreviousAllocationPool is 10113 to 10612
* rIDNextRID: 10114
......................... rootdomaincontrollerName passed test
RidManager
Starting test: MachineAccount
Checking machine account for DC rootdomaincontrollerName on DC
rootdomaincontrollerName.
* SPN found
:LDAP/rootdomaincontrollerName.Internal.Local/Internal.Local
* SPN found :LDAP/rootdomaincontrollerName.Internal.Local
* SPN found :LDAP/rootdomaincontrollerName
* SPN found :LDAP/rootdomaincontrollerName.Internal.Local/EISNER
* SPN found
:LDAP/06e8d104-237a-4ee2-b28a-f1498e59d563._msdcs.Internal.Local
* SPN found
:E3514235-4B06-11D1-AB04-00C04FC2DCD2/06e8d104-237a-4ee2-b28a-f1498e59d563/Internal.Local
* SPN found
:HOST/rootdomaincontrollerName.Internal.Local/Internal.Local
* SPN found :HOST/rootdomaincontrollerName.Internal.Local
* SPN found :HOST/rootdomaincontrollerName
* SPN found :HOST/rootdomaincontrollerName.Internal.Local/EISNER
* SPN found
:GC/rootdomaincontrollerName.Internal.Local/Internal.Local
......................... rootdomaincontrollerName passed test
MachineAccount
Starting test: Services
* Checking Service: Dnscache
* Checking Service: NtFrs
* Checking Service: IsmServ
* Checking Service: kdc
* Checking Service: SamSs
* Checking Service: LanmanServer
* Checking Service: LanmanWorkstation
* Checking Service: RpcSs
* Checking Service: w32time
* Checking Service: NETLOGON
NETLOGON Service is paused on [rootdomaincontrollerName]
......................... rootdomaincontrollerName failed test
Services
Test omitted by user request: OutboundSecureChannels
Starting test: ObjectsReplicated
rootdomaincontrollerName is in domain DC=Internal,DC=Local
Checking for CN=rootdomaincontrollerName,OU=Domain
Controllers,DC=Internal,DC=Local in domain DC=Internal,DC=Local on 1 servers
Object is up-to-date on all servers.
Checking for CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
in domain CN=Configuration,DC=Internal,DC=Local on 1 servers
Object is up-to-date on all servers.
......................... rootdomaincontrollerName passed test
ObjectsReplicated
Starting test: frssysvol
* The File Replication Service SYSVOL ready test
File Replication Service's SYSVOL is ready
......................... rootdomaincontrollerName passed test
frssysvol
Starting test: frsevent
* The File Replication Service Event log test
......................... rootdomaincontrollerName passed test
frsevent
Starting test: kccevent
* The KCC Event log test
An Warning Event occured. EventID: 0x80000677
Time Generated: 06/16/2008 12:59:54
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000466
Time Generated: 06/16/2008 12:59:54
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000786
Time Generated: 06/16/2008 12:59:54
Event String: The attempt to establish a replication link to
aread-only directory partition with the followingparameters failed.
Directory partition: DC=us,DC=Internal,DC=Local Source domain controller:
CN=NTDS
Settings,CN=childdomaincontrollerName1,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Source domain controller address:
9abdc27e-3791-4382-9878-fd51c761f90c._msdcs.Internal.Local Intersite
transport (if any): Additional Data Error value: 5 Access is denied.
An Warning Event occured. EventID: 0x80000786
Time Generated: 06/16/2008 12:59:54
Event String: The attempt to establish a replication link to
aread-only directory partition with the followingparameters failed.
Directory partition: DC=us,DC=Internal,DC=Local Source domain controller:
CN=NTDS
Settings,CN=childdomaincontrollerName2,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Source domain controller address:
1395049a-a8cc-4a44-98a0-f53eb8e5239f._msdcs.Internal.Local Intersite
transport (if any): Additional Data Error value: 5 Access is denied.
An Warning Event occured. EventID: 0x80000786
Time Generated: 06/16/2008 12:59:54
Event String: The attempt to establish a replication link to
aread-only directory partition with the followingparameters failed.
Directory partition: DC=us,DC=Internal,DC=Local Source domain controller:
CN=NTDS
Settings,CN=childdomaincontrollerName3,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local
Source domain controller address:
56ae8abc-0a16-4665-8a15-e5956de88afc._msdcs.Internal.Local Intersite
transport (if any): Additional Data Error value: 5 Access is denied.
An Warning Event occured. EventID: 0x80000677
Time Generated: 06/16/2008 13:02:10
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000466
Time Generated: 06/16/2008 13:02:10
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x80000677
Time Generated: 06/16/2008 13:03:43
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0000466
Time Generated: 06/16/2008 13:03:43
(Event String could not be retrieved)
......................... rootdomaincontrollerName failed test
kccevent
Starting test: systemlog
* The System Event log test
Found no errors in System Event log in the last 60 minutes.
......................... rootdomaincontrollerName passed test
systemlog
Test omitted by user request: VerifyReplicas
Starting test: VerifyReferences
The system object reference (serverReference)
CN=rootdomaincontrollerName,OU=Domain Controllers,DC=Internal,DC=Local and
backlink on
CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local are correct.
The system object reference (frsComputerReferenceBL)
CN=rootdomaincontrollerName,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=Internal,DC=Local and backlink on
CN=rootdomaincontrollerName,OU=Domain Controllers,DC=Internal,DC=Local
are correct.
The system object reference (serverReferenceBL)
CN=rootdomaincontrollerName,CN=Domain System Volume (SYSVOL share),CN=File
Replication Service,CN=System,DC=Internal,DC=Local and backlink on
CN=NTDS
Settings,CN=rootdomaincontrollerName,CN=Servers,CN=Site1,CN=Sites,CN=Configuration,DC=Internal,DC=Local are correct.
......................... rootdomaincontrollerName passed test
VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError

Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom

Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test
CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom

Running partition tests on : eisner
Starting test: CrossRefValidation
......................... eisner passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... eisner passed test CheckSDRefDom

Running enterprise tests on : Internal.Local
Starting test: Intersite
Skipping site Site1, this site is outside the scope provided by the
command line arguments provided.
......................... Internal.Local passed test Intersite
Starting test: FsmoCheck
[childdomaincontrollerName2] LDAP bind failed with error 1323,
Unable to update the password. The value provided as the current
password is incorrect..
Warning: Couldn't verify this server as a GC in this servers AD.
GC Name: \\childdomaincontrollerName2.us.Internal.Local
Locator Flags: 0xe00001bc
PDC Name: \\rootdomaincontrollerName.Internal.Local
Locator Flags: 0xe00003f9
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... Internal.Local failed test FsmoCheck
Test omitted by user request: DNS
Test omitted by user request: DNS
________________________________________________


PartIII error messages:


In the Application Log:

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1054
Date: 6/16/2008
Time: 12:58:43 PM
User: NT AUTHORITY\SYSTEM
Computer: Rootdomaincontroller1
Description:
Windows cannot obtain the domain controller name for your computer network.
(The specified domain either does not exist or could not be contacted. ).
Group Policy processing aborted.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

____________________________________________________________________________________-
In the Directory service Log:

Event Type: Error
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1126
Date: 6/16/2008
Time: 1:03:43 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: Rootdomaincontroller1
Description:
Active Directory was unable to establish a connection with the global
catalog.

Additional Data
Error value:
1355 The specified domain either does not exist or could not be contacted.
Internal ID:
3200d33

User Action:
Make sure a global catalog is available in the forest, and is reachable from
this domain controller. You may use the nltest utility to diagnose this
problem.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
_________________________________________________________________________________________________________________
Event Type: Warning
Event Source: NTDS General
Event Category: Global Catalog
Event ID: 1655
Date: 6/16/2008
Time: 1:03:43 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: Rootdomaincontroller1
Description:
Active Directory attempted to communicate with the following global catalog
and the attempts were unsuccessful.

Global catalog:
\\Childdomaincontroller3.us.internal.local

The operation in progress might be unable to continue. Active Directory will
use the domain controller locator to try to find an available global catalog
server.

Additional Data
Error value:
5 Access is denied.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.





"Meinolf Weber" wrote:

Quote:

Hello John, So the server has no physical crash? Please post the complete error messages from the event viewer. Also post a complete output from dcdiag /v and netdiag /v Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Thank you for your help. I have one forest with one empty root domain (one domain controller) and one child domain (2 domain controllers) that holds users and servers. unfortunately, only one domain controller for the root domain and no backup? "Meinolf Weber" wrote: Hello John, Please describe in detail how many dc's you have and the complete domain setup. Do you have subdomains, because you talk about root domain? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

i HAVE TO SEPERATE netdiag log into two parts due to size limitation:

Netdiag log -Part I


Gathering IPX configuration information.
Querying status of the Netcard drivers... Passed
Testing Domain membership... Passed
Gathering NetBT configuration information.
Testing for autoconfiguration... Passed
Testing IP loopback ping... Passed
Testing default gateways... Passed
Enumerating local and remote NetBT name cache... Passed
Testing the WINS server
Local Area Connection
There is no primary WINS server defined for this adapter.
There is no secondary WINS server defined for this adapter.
Gathering Winsock information.
Testing DNS
PASS - All the DNS entries for DC are registered on DNS server
'10.1.10.101' and other DCs also have some of the names registered.
[WARNING] The DNS entries for this DC cannot be verified right now on
DNS server 10.1.10.102, ERROR_TIMEOUT.
Testing redirector and browser... Passed
Testing DC discovery.
Looking for a DC
Gathering the list of Domain Controllers for domain 'INTERNAL'
Testing trust relationships... Skipped
Testing Kerberos authentication... Failed
Testing LDAP servers in Domain INTERNAL ...
Gathering routing information
Gathering network statistics information.
Gathering configuration of bindings.
Gathering RAS connection information
Gathering Modem information
Gathering Netware information
Gathering IP Security information

Tests complete.


Computer Name: ROOTDOMAINCONTROLLERNAME1
DNS Host Name: ROOTDOMAINCONTROLLERNAME1.Internal.Local
DNS Domain Name: Internal.Local
System info : Microsoft Windows Server 2003 R2 (Build 3790)
Processor : x86 Family 15 Model 2 Stepping 7, GenuineIntel
Hotfixes :
Installed? Name
Yes Q147222
No ServicePackUninstall


Netcard queries test . . . . . . . : Passed

Information of Netcard drivers:


---------------------------------------------------------------------------
Description: Intel 21140-Based PCI Fast Ethernet Adapter (Generic)
Device: \DEVICE\{7986D783-85BE-407B-B29C-F159CF009245}

Media State: Connected

Device State: Connected
Connect Time: 2 days, 19:43:09
Media Speed: 100 Mbps

Packets Sent: 120734
Bytes Sent (Optional): 17149742

Packets Received: 158763
Directed Pkts Recd (Optional): 126799
Bytes Received (Optional): 11628141
Directed Bytes Recd (Optional): 11628141


---------------------------------------------------------------------------
[PASS] - At least one netcard is in the 'Connected' state.



Per interface results:

Adapter : Local Area Connection
Adapter ID . . . . . . . . : {7986D783-85BE-407B-B29C-F159CF009245}

Netcard queries test . . . : Passed

Adapter type . . . . . . . : Ethernet
Host Name. . . . . . . . . : ROOTDOMAINCONTROLLERNAME1
Description. . . . . . . . : Intel 21140-Based PCI Fast Ethernet
Adapter (Generic)
Physical Address . . . . . : 00-03-FF-53-CE-C0
Dhcp Enabled . . . . . . . : No
DHCP ClassID . . . . . . . :
Autoconfiguration Enabled. : Yes
IP Address . . . . . . . . : 10.1.10.101
Subnet Mask. . . . . . . . : 255.255.255.0
Default Gateway. . . . . . : 10.1.10.254
Dns Servers. . . . . . . . : 10.1.10.101
10.1.10.102

IpConfig results . . . . . : Passed

AutoConfiguration results. . . . . . : Passed
AutoConfiguration is not in use.

Default gateway test . . . : Passed
Pinging gateway 10.1.10.254 - reachable
At least one gateway reachable for this adapter.

NetBT name test. . . . . . : Passed
NetBT_Tcpip_{7986D783-85BE-407B-B29C-F159CF009245}
ROOTDOMAINCONTROLLERNAME1 <00> UNIQUE REGISTERED
INTERNAL <00> GROUP REGISTERED
INTERNAL <1C> GROUP REGISTERED
ROOTDOMAINCONTROLLERNAME1 <20> UNIQUE REGISTERED
INTERNAL <1B> UNIQUE REGISTERED
INTERNAL <1E> GROUP REGISTERED
INTERNAL <1D> UNIQUE REGISTERED
..__MSBROWSE__.<01> GROUP REGISTERED
[WARNING] At least one of the <00> 'WorkStation Service', <03>
'Messenger Service', <20> 'WINS' names is missing.

NetBios Resolution : Enabled

No remote names have been found.

WINS service test. . . . . : Skipped
There is no primary WINS server defined for this adapter.
There is no secondary WINS server defined for this adapter.
There are no WINS servers configured for this interface.
IPX test : IPX is not installed on this machine.


Global results:


IP General configuration
LMHOSTS Enabled. . . . . . . . : No
DNS for WINS resolution. . . . : Enabled
Node Type. . . . . . . . . . . : Hybrid
NBT Scope ID . . . . . . . . . :
Routing Enabled. . . . . . . . : No
WINS Proxy Enabled . . . . . . : No
DNS resolution for NETBIOS . . : No



Domain membership test . . . . . . : Passed
Machine is a . . . . . . . . . : Primary Domain Controller Emulator
Netbios Domain name. . . . . . : INTERNAL
Dns domain name. . . . . . . . : Internal.Local
Dns forest name. . . . . . . . : Internal.Local
Domain Guid. . . . . . . . . . : {AA43A98E-4DF8-4203-9A26-78FF1912A1EB}
Domain Sid . . . . . . . . . . : S-1-5-21-3758725489-726563557-3471915052
Logon User . . . . . . . . . . : Administrator
Logon Domain . . . . . . . . . : INTERNAL


NetBT transports test. . . . . . . : Passed
List of NetBt transports currently configured:
NetBT_Tcpip_{7986D783-85BE-407B-B29C-F159CF009245}
1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed
PASS - you have at least one non-autoconfigured IP address


IP loopback ping test. . . . . . . : Passed
PASS - pinging IP loopback address was successful.
Your IP stack is most probably OK.


Default gateway test . . . . . . . : Passed
PASS - you have at least one reachable gateway.


NetBT name test. . . . . . . . . . : Passed
No NetBT scope defined
[WARNING] You don't have a single interface with the <00> 'WorkStation
Service', <03> 'Messenger Service', <20> 'WINS' names defined.


Winsock test . . . . . . . . . . . : Passed
The number of protocols which have been reported : 10
Description: MSAFD Tcpip [TCP/IP]
Provider Version :2
Max message size : Stream Oriented
Description: MSAFD Tcpip [UDP/IP]
Provider Version :2
Description: RSVP UDP Service Provider
Provider Version :6
Description: RSVP TCP Service Provider
Provider Version :6
Max message size : Stream Oriented
Description: MSAFD NetBIOS
[\Device\NetBT_Tcpip_{7986D783-85BE-407B-B29C-F159CF009245}] SEQPACKET 0
Provider Version :2
Description: MSAFD NetBIOS
[\Device\NetBT_Tcpip_{7986D783-85BE-407B-B29C-F159CF009245}] DATAGRAM 0
Provider Version :2
Description: MSAFD NetBIOS
[\Device\NetBT_Tcpip_{CB30F76C-0457-4C01-85D7-48518A0C455E}] SEQPACKET 1
Provider Version :2
Description: MSAFD NetBIOS
[\Device\NetBT_Tcpip_{CB30F76C-0457-4C01-85D7-48518A0C455E}] DATAGRAM 1
Provider Version :2
Description: MSAFD NetBIOS
[\Device\NetBT_Tcpip_{639C8016-FABC-4D4C-A551-7994C32B8F8E}] SEQPACKET 2
Provider Version :2
Description: MSAFD NetBIOS
[\Device\NetBT_Tcpip_{639C8016-FABC-4D4C-A551-7994C32B8F8E}] DATAGRAM 2
Provider Version :2

Max UDP size : 65507 bytes


DNS test . . . . . . . . . . . . . : Passed
Interface {7986D783-85BE-407B-B29C-F159CF009245}
DNS Domain:
DNS Servers: 10.1.10.101 10.1.10.102
IP Address: Expected registration with PDN (primary DNS
domain name):
Hostname: ROOTDOMAINCONTROLLERNAME1.Internal.Local.
Authoritative zone: Internal.Local.
Primary DNS server: ROOTDOMAINCONTROLLERNAME1.Internal.Local
10.1.10.101
Authoritative NS:10.1.10.3 10.1.10.101 10.1.10.103 10.1.10.104
Check the DNS registration for DCs entries on DNS server '10.1.10.101'
The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.Internal.Local.
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _ldap._tcp.Internal.Local
DNS DATA =
SRV 0 100 389 e00rda002.Internal.Local
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

The Record is correct on DNS server '10.1.10.101'.

The Record is correct on DNS server '10.1.10.101'.

The Record is correct on DNS server '10.1.10.101'.

The Record is correct on DNS server '10.1.10.101'.

The Record is correct on DNS server '10.1.10.101'.

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = Internal.Local.
DNS DATA =
A 10.1.10.101

The record on DNS server 10.1.10.101 is:
DNS NAME = Internal.Local
DNS DATA =
A 10.1.10.2
A 10.1.10.102
A 10.1.10.101
A 10.1.10.1
A 169.254.72.15
A 10.1.11.102
A 10.3.1.1
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = ForestDnsZones.Internal.Local.
DNS DATA =
A 10.1.10.101

The record on DNS server 10.1.10.101 is:
DNS NAME = ForestDnsZones.Internal.Local
DNS DATA =
A 10.1.10.103
A 10.1.10.101
A 10.1.10.104
A 10.1.10.102
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.ForestDnsZones.Internal.Local.
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _ldap._tcp.ForestDnsZones.Internal.Local
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local
SRV 0 100 389 dr0.us.Internal.Local
SRV 0 100 389 e00ws3rd2.Internal.Local
SRV 0 100 389 Childdomaincontrollername2.us.Internal.Local
SRV 0 100 389 Childdomaincontrollername1.us.Internal.Local
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.NY01._sites.ForestDnsZones.Internal.Local.
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _ldap._tcp.NY01._sites.ForestDnsZones.Internal.Local
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local
SRV 0 100 389 dr0.us.Internal.Local
SRV 0 100 389 e00ws3rd2.Internal.Local
SRV 0 100 389 Childdomaincontrollername2.us.Internal.Local
SRV 0 100 389 Childdomaincontrollername1.us.Internal.Local
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = DomainDnsZones.Internal.Local.
DNS DATA =
A 10.1.10.101

The record on DNS server 10.1.10.101 is:
DNS NAME = DomainDnsZones.Internal.Local
DNS DATA =
A 10.1.10.102
A 10.1.10.101
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.DomainDnsZones.Internal.Local.
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _ldap._tcp.DomainDnsZones.Internal.Local
DNS DATA =
SRV 0 100 389 e00ws3rd2.Internal.Local
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _ldap._tcp.NY01._sites.DomainDnsZones.Internal.Local.
DNS DATA =
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _ldap._tcp.NY01._sites.DomainDnsZones.Internal.Local
DNS DATA =
SRV 0 100 389 e00ws3rd2.Internal.Local
SRV 0 100 389 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

The Record is correct on DNS server '10.1.10.101'.

The Record is correct on DNS server '10.1.10.101'.

The Record is correct on DNS server '10.1.10.101'.

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._tcp.Internal.Local.
DNS DATA =
SRV 0 100 88 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _kerberos._tcp.Internal.Local
DNS DATA =
SRV 0 100 88 e00rda002.Internal.Local
SRV 0 100 88 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

The Record is correct on DNS server '10.1.10.101'.

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kerberos._udp.Internal.Local.
DNS DATA =
SRV 0 100 88 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _kerberos._udp.Internal.Local
DNS DATA =
SRV 0 100 88 e00rda002.Internal.Local
SRV 0 100 88 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._tcp.Internal.Local.
DNS DATA =
SRV 0 100 464 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _kpasswd._tcp.Internal.Local
DNS DATA =
SRV 0 100 464 e00rda002.Internal.Local
SRV 0 100 464 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

The Record is different on DNS server '10.1.10.101'.
DNS server has more than one entries for this name, usually this means there
are multiple DCs for this domain.
Your DC entry is one of them on DNS server '10.1.10.101', no need to
re-register.

+------------------------------------------------------+
The record on your DC is:
DNS NAME = _kpasswd._udp.Internal.Local.
DNS DATA =
SRV 0 100 464 ROOTDOMAINCONTROLLERNAME1.Internal.Local.

The record on DNS server 10.1.10.101 is:
DNS NAME = _kpasswd._udp.Internal.Local
DNS DATA =
SRV 0 100 464 e00rda002.Internal.Local
SRV 0 100 464 ROOTDOMAINCONTROLLERNAME1.Internal.Local
+------------------------------------------------------+

PASS - All the DNS entries for DC are registered on DNS server
'10.1.10.101' and other DCs also have some of the names registered.
Check the DNS registration for DCs entries on DNS server '10.1.10.102'
Query for DC DNS entry _ldap._tcp.Internal.Local. on DNS server 10.1.10.102
failed.
DNS Error code: ERROR_TIMEOUT (Dns server may be down.)
[WARNING] The DNS entries for this DC cannot be verified right now on
DNS server 10.1.10.102, ERROR_TIMEOUT.


Redir and Browser test . . . . . . : Passed
List of transports currently bound to the Redir
NetbiosSmb
NetBT_Tcpip_{7986D783-85BE-407B-B29C-F159CF009245}
The redir is bound to 1 NetBt transport.

List of transports currently bound to the browser
NetBT_Tcpip_{7986D783-85BE-407B-B29C-F159CF009245}
The browser is bound to 1 NetBt transport.
Mailslot test for INTERNAL* passed.


DC discovery test. . . . . . . . . : Failed

Find DC in domain 'INTERNAL':
[FATAL] Cannot find DC in domain 'INTERNAL'. [ERROR_NO_SUCH_DOMAIN]


DC list test . . . . . . . . . . . : Failed
'INTERNAL': Cannot find DC to get DC list from [test skipped].
List of DCs in Domain 'INTERNAL':


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Skipped
'INTERNAL': Cannot find DC to get DC list from [test skipped].


LDAP test. . . . . . . . . . . . . : Failed
Cannot find DC to run LDAP tests on. The error occurred was: The
specified domain either does not exist or could not be contacted.

Find DC in domain 'INTERNAL':
[WARNING] Cannot find DC in domain 'INTERNAL'. [ERROR_NO_SUCH_DOMAIN]


Routing table test . . . . . . . . : Passed
Active Routes :
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.1.10.254 10.1.10.101 20
10.1.10.0 255.255.255.0 10.1.10.101 10.1.10.101 20
10.1.10.101 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.1.10.101 10.1.10.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.1.10.101 10.1.10.101 20
255.255.255.255 255.255.255.255 10.1.10.101 10.1.10.101 1
No persistent route entries.


Netstat information test . . . . . : Passed


Interface Statistics

Received Sent
Unicast Packets 108888108 110269403
Non-unicast packets 35716 3751
Discards 0 0
Errors 0 0
Unknown protocols 0 458284

Interface index = 1
Description = MS TCP Loopback interface
Type = 24
MTU = 1520
Speed = 10000000
Physical Address = 00-00-00-00-00-00
Administrative Status = 1
Operational Status = 1
Last Changed = 1590954325
Output Queue Length = 0


Interface index = 65539
Description = Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)
Type = 6
MTU = 1500
Speed = 100000000
Physical Address = 00-03-FF-53-CE-C0
Administrative Status = 1
Operational Status = 1
Last Changed = 1590954614
Output Queue Length = 0

"Meinolf Weber" wrote:

Quote:

Hello John, So the server has no physical crash? Please post the complete error messages from the event viewer. Also post a complete output from dcdiag /v and netdiag /v Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Thank you for your help. I have one forest with one empty root domain (one domain controller) and one child domain (2 domain controllers) that holds users and servers. unfortunately, only one domain controller for the root domain and no backup? "Meinolf Weber" wrote: Hello John, Please describe in detail how many dc's you have and the complete domain setup. Do you have subdomains, because you talk about root domain? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Netdiag log -Part II

Active Connections

Proto Local Address Foreign Address State
TCP ROOTDOMAINCONTROLLERNAME1:nameserver
ROOTDOMAINCONTROLLERNAME1.Internal.Local:2077 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:domain
ROOTDOMAINCONTROLLERNAME1.Internal.Local:10460 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:kerberos
ROOTDOMAINCONTROLLERNAME1.Internal.Local:39054 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:epmap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:24754 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:ldap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:55509 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:microsoft-ds
ROOTDOMAINCONTROLLERNAME1.Internal.Local:53352 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:kpasswd
ROOTDOMAINCONTROLLERNAME1.Internal.Local:2192 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:http-rpc-epmap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:39022 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:ldaps
ROOTDOMAINCONTROLLERNAME1.Internal.Local:28677 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:1025
ROOTDOMAINCONTROLLERNAME1.Internal.Local:39134 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:1027
ROOTDOMAINCONTROLLERNAME1.Internal.Local:32986 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:1039
ROOTDOMAINCONTROLLERNAME1.Internal.Local:32924 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:1041
ROOTDOMAINCONTROLLERNAME1.Internal.Local:8391 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:1581
ROOTDOMAINCONTROLLERNAME1.Internal.Local:6259 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:netbios-ssn
ROOTDOMAINCONTROLLERNAME1.Internal.Local:24693 LISTENING
TCP ROOTDOMAINCONTROLLERNAME1:ldap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:2415 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:1025
ROOTDOMAINCONTROLLERNAME1.Internal.Local:1646 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:1646
ROOTDOMAINCONTROLLERNAME1.Internal.Local:1025 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:2006
ROOTDOMAINCONTROLLERNAME1.Internal.Local:ldap CLOSE_WAIT
TCP ROOTDOMAINCONTROLLERNAME1:2415
ROOTDOMAINCONTROLLERNAME1.Internal.Local:ldap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:4072
Childdomaincontrollername1:epmap TIME_WAIT
TCP ROOTDOMAINCONTROLLERNAME1:4080
Childdomaincontrollername1:epmap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:4121
Childdomaincontrollername3.us.Internal.Local:epmap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:4122
Childdomaincontrollername3.us.Internal.Local:1026 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:4123
Childdomaincontrollername2:epmap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:4124
Childdomaincontrollername2:1026 TIME_WAIT
TCP ROOTDOMAINCONTROLLERNAME1:4127
Childdomaincontrollername3.us.Internal.Local:epmap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:4128
Childdomaincontrollername3.us.Internal.Local:1026 TIME_WAIT
TCP ROOTDOMAINCONTROLLERNAME1:ldap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:1033 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:ldap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:1036 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:ldap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:1037 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:ldap
ROOTDOMAINCONTROLLERNAME1.Internal.Local:2418 ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:1033
ROOTDOMAINCONTROLLERNAME1.Internal.Local:ldap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:1036
ROOTDOMAINCONTROLLERNAME1.Internal.Local:ldap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:1037
ROOTDOMAINCONTROLLERNAME1.Internal.Local:ldap ESTABLISHED
TCP ROOTDOMAINCONTROLLERNAME1:2418
ROOTDOMAINCONTROLLERNAME1.Internal.Local:ldap ESTABLISHED
UDP ROOTDOMAINCONTROLLERNAME1:nameserver *:*

UDP ROOTDOMAINCONTROLLERNAME1:microsoft-ds *:*

UDP ROOTDOMAINCONTROLLERNAME1:isakmp *:*

UDP ROOTDOMAINCONTROLLERNAME1:1029 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1034 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1035 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1038 *:*

UDP ROOTDOMAINCONTROLLERNAME1:ipsec-msft *:*

UDP ROOTDOMAINCONTROLLERNAME1:domain *:*

UDP ROOTDOMAINCONTROLLERNAME1:kerberos *:*

UDP ROOTDOMAINCONTROLLERNAME1:ntp *:*

UDP ROOTDOMAINCONTROLLERNAME1:netbios-ns *:*

UDP ROOTDOMAINCONTROLLERNAME1:netbios-dgm *:*

UDP ROOTDOMAINCONTROLLERNAME1:389 *:*

UDP ROOTDOMAINCONTROLLERNAME1:kpasswd *:*

UDP ROOTDOMAINCONTROLLERNAME1:domain *:*

UDP ROOTDOMAINCONTROLLERNAME1:ntp *:*

UDP ROOTDOMAINCONTROLLERNAME1:1031 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1032 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1040 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1042 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1070 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1579 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1582 *:*

UDP ROOTDOMAINCONTROLLERNAME1:1846 *:*

UDP ROOTDOMAINCONTROLLERNAME1:2005 *:*

UDP ROOTDOMAINCONTROLLERNAME1:2076 *:*

UDP ROOTDOMAINCONTROLLERNAME1:2313 *:*



IP Statistics

Packets Received = 481,735
Received Header Errors = 0
Received Address Errors = 1,116
Datagrams Forwarded = 0
Unknown Protocols Received = 0
Received Packets Discarded = 0
Received Packets Delivered = 481,129
Output Requests = 455,985
Routing Discards = 0
Discarded Output Packets = 0
Output Packet No Route = 0
Reassembly Required = 0
Reassembly Successful = 0
Reassembly Failures = 0
Datagrams successfully fragmented = 0
Datagrams failing fragmentation = 0
Fragments Created = 0
Forwarding = 2
Default TTL = 128
Reassembly timeout = 60


TCP Statistics

Active Opens = 7,785
Passive Opens = 20,185
Failed Connection Attempts = 34
Reset Connections = 10
Current Connections = 18
Received Segments = 415,274
Segment Sent = 403,610
Segment Retransmitted = 166
Retransmission Timeout Algorithm = vanj
Minimum Retransmission Timeout = 300
Maximum Retransmission Timeout = 120,000
Maximum Number of Connections = -1


UDP Statistics

Datagrams Received = 50,897
No Ports = 7,740
Receive Errors = 1
Datagrams Sent = 37,312


ICMP Statistics

Received Sent
Messages 14,830 14,830
Errors 0 0
Destination Unreachable 122 122
Time Exceeded 0 0
Parameter Problems 0 0
Source Quenchs 0 0
Redirects 0 0
Echos 7,352 7,352
Echo Replies 7,356 7,356
Timestamps 0 0
Timestamp Replies 0 0
Address Masks 0 0
Address Mask Replies 0 0


Bindings test. . . . . . . . . . . : Passed
Component Name : NDIS Usermode I/O Protocol
Bind Name: Ndisuio
Binding Paths:
Owner of the binding path : NDIS Usermode I/O Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: NDIS Usermode I/O Protocol
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)


Component Name : Point to Point Protocol Over Ethernet
Bind Name: RasPppoe
Binding Paths:
Owner of the binding path : Point to Point Protocol Over Ethernet
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Point to Point Protocol Over Ethernet
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)


Component Name : Point to Point Tunneling Protocol
Bind Name: mspptp
Binding Paths:

Component Name : Layer 2 Tunneling Protocol
Bind Name: msl2tp
Binding Paths:

Component Name : Remote Access NDIS WAN Driver
Bind Name: NdisWan
Binding Paths:
Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiscowan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: Direct Parallel

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (PPPOE)

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (PPTP)

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiscowan
Upper Component: Remote Access NDIS WAN Driver
Lower Component: WAN Miniport (L2TP)

Owner of the binding path : Remote Access NDIS WAN Driver
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswanasync
Upper Component: Remote Access NDIS WAN Driver
Lower Component: RAS Async Adapter


Component Name : Message-oriented TCP/IP Protocol (SMB session)
Bind Name: NetbiosSmb
Binding Paths:

Component Name : WINS Client(TCP/IP) Protocol
Bind Name: NetBT
Binding Paths:
Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)

Owner of the binding path : WINS Client(TCP/IP) Protocol
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : Internet Protocol (TCP/IP)
Bind Name: Tcpip
Binding Paths:
Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)

Owner of the binding path : Internet Protocol (TCP/IP)
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : Client for Microsoft Networks
Bind Name: LanmanWorkstation
Binding Paths:
Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios_smb
Upper Component: Client for Microsoft Networks
Lower Component: Message-oriented TCP/IP Protocol (SMB session)

Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)

Owner of the binding path : Client for Microsoft Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: Client for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : WebClient
Bind Name: WebClient
Binding Paths:

Component Name : Wireless Configuration
Bind Name: wzcsvc
Binding Paths:

Component Name : Network Load Balancing
Bind Name: Wlbs
Binding Paths:
Owner of the binding path : Network Load Balancing
Binding Enabled: No
Interfaces of the binding path:
-Interface Name: ndis5
Upper Component: Network Load Balancing
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)


Component Name : Steelhead
Bind Name: RemoteAccess
Binding Paths:

Component Name : Dial-Up Server
Bind Name: msrassrv
Binding Paths:

Component Name : Remote Access Connection Manager
Bind Name: RasMan
Binding Paths:

Component Name : Dial-Up Client
Bind Name: msrascli
Binding Paths:

Component Name : File and Printer Sharing for Microsoft Networks
Bind Name: LanmanServer
Binding Paths:
Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios_smb
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: Message-oriented TCP/IP Protocol (SMB session)

Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)

Owner of the binding path : File and Printer Sharing for Microsoft
Networks
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: File and Printer Sharing for Microsoft Networks
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : NetBIOS Interface
Bind Name: NetBIOS
Binding Paths:
Owner of the binding path : NetBIOS Interface
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndis5
Upper Component: Internet Protocol (TCP/IP)
Lower Component: Intel 21140-Based PCI Fast Ethernet Adapter
(Generic)

Owner of the binding path : NetBIOS Interface
Binding Enabled: Yes
Interfaces of the binding path:
-Interface Name: netbios
Upper Component: NetBIOS Interface
Lower Component: WINS Client(TCP/IP) Protocol
-Interface Name: tdi
Upper Component: WINS Client(TCP/IP) Protocol
Lower Component: Internet Protocol (TCP/IP)
-Interface Name: ndiswanip
Upper Component: Internet Protocol (TCP/IP)
Lower Component: WAN Miniport (IP)


Component Name : Generic Packet Classifier
Bind Name: Gpc
Binding Paths:

Component Name : Application Layer Gateway
Bind Name: ALG
Binding Paths:

Component Name : WAN Miniport (IP)
Bind Name: NdisWanIp
Binding Paths:

Component Name : Direct Parallel
Bind Name: {961ECA01-5531-4445-AC96-E57809F98CAB}
Binding Paths:

Component Name : WAN Miniport (PPPOE)
Bind Name: {C460D90E-7C04-4760-B15A-8647B7AB6143}
Binding Paths:

Component Name : WAN Miniport (PPTP)
Bind Name: {FC1BA126-310E-4DA0-94F3-C799C367B339}
Binding Paths:

Component Name : WAN Miniport (L2TP)
Bind Name: {C915E910-519E-46E9-89F4-2119F5DDA16F}
Binding Paths:

Component Name : RAS Async Adapter
Bind Name: {CC3E9768-5BBA-40AA-B1FC-C7E67CC21D50}
Binding Paths:

Component Name : Intel 21140-Based PCI Fast Ethernet Adapter (Generic)
Bind Name: {7986D783-85BE-407B-B29C-F159CF009245}
Binding Paths:



WAN configuration test . . . . . . : Skipped
No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information


The command completed successfully


"Meinolf Weber" wrote:

Quote:

Hello John, So the server has no physical crash? Please post the complete error messages from the event viewer. Also post a complete output from dcdiag /v and netdiag /v Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Thank you for your help. I have one forest with one empty root domain (one domain controller) and one child domain (2 domain controllers) that holds users and servers. unfortunately, only one domain controller for the root domain and no backup? "Meinolf Weber" wrote: Hello John, Please describe in detail how many dc's you have and the complete domain setup. Do you have subdomains, because you talk about root domain? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Hi Meinolf,

Thank you.

It could be tomestone issue. BTW, this is my test environment and I really
do not how long the root domain DC was down before.

One day when I checked my root dc log and found lots of replication issues
and server frozen. Later, I rebooted the server and it came back. The
outbound and inbound replication is disabled and I just enabled through
adsiedit.msc. I have only one root domain DC.

Thank you!!!

"Meinolf Weber" wrote:

Quote:

Hello John, Ok, your dcdiag stated a tombstone lifetime issue, it's over the 60 day limit when replication has to occur. Please describe in detail about the crashed DC and what you have done. So in the root domain this was the only DC, is that correct? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Hello John,

Ok, your dcdiag stated a tombstone lifetime issue, it's over the 60 day limit
when replication has to occur. Please describe in detail about the crashed
DC and what you have done. So in the root domain this was the only DC, is
that correct?

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)

Hello John,

The machine was to long out of the domain. You can find it in dcdiag output,
when the last attemp was succesful for replication, somewhere in 2007.

Check out this ones, maybe you can get it back with this articles:
http://blogs.dirteam.com/blogs/jorge/archive/2005/11/24/153.aspx

http://blogs.dirteam.com/blogs/jorge/archive/2006/05/08/Lingering-objects.aspx

http://technet2.microsoft.com/windowsserver/en/library/4f504103-1a16-41e1-853a-c68b77bf3f7e1033.mspx?mfr=true

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

Quote:

Hi Meinolf, Thank you. It could be tomestone issue. BTW, this is my test environment and I really do not how long the root domain DC was down before. One day when I checked my root dc log and found lots of replication issues and server frozen. Later, I rebooted the server and it came back. The outbound and inbound replication is disabled and I just enabled through adsiedit.msc. I have only one root domain DC. Thank you!!! "Meinolf Weber" wrote: Hello John, Ok, your dcdiag stated a tombstone lifetime issue, it's over the 60 day limit when replication has to occur. Please describe in detail about the crashed DC and what you have done. So in the root domain this was the only DC, is that correct? Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm Hi all, The domain controller of root domain has been crashed. I do not know how long it has been down. Finally, I rebooted the server and came online. I tried to add the second domain controller but can not. then I tried to join the PC to this domain and can not which no domain controller found. I got these events in the direcory services: event id 1645 with source NTDS replication, event id 1126 with source global catalog,....I run dcdiag and fsmo failed check. Is there a way I can make this domain controller recognized by this domain without wiping out everything? (windows 2003 R2 SP2)